It was developed to create a cyber security standard that would be an affordable and achievable alternative to other international standards, allowing small and medium enterprises within supply chains to demonstrate their level of cyber security for a realistic cost. Cyber assurance also shows that they are taking good steps to properly protect their customers’ information.
Besides verifying the safety and security of a company’s data and network, the IASME Cyber Assurance certification also demonstrates a company’s commitment to cyber security to their customers. This helps reduce insecure networks and provides assurance and trust in an organisation that it has taken the steps necessary for the protection of its data and network.
With the IASME Cyber Assurance certification, companies can be sure that their data is safe and that they have taken the necessary steps to protect their customers’ data.
The IASME Cyber Assurance certification includes GDPR requirements and is available in two levels
Level 1: Verified assessment.
Level 2: Audited.
It is important to note that you must hold a valid Cyber Essentials certificate throughout your IASME Cyber Assurance certification.
What is IASME Cyber Assurance Certification?
IASME Cyber Assurance Certification is an internationally recognised UK certification which verifies the security and privacy capabilities of an organisation. It provides assurance that your security controls meet best practice standards and offers a 3rd party impartial assessment of your technical staff and processes.
The Levels of IASME Cyber Assurance Certifications
IASME Cyber Assurance is risk-based and includes key aspects of security such as incident response, asset management, people management, physical controls and GDPR compliance.
Level 1 Certification is the first step along the certification pathway for IASME Cyber Assurance.
For the Level 1 certification, organisations are given access to a secure portal to complete their application and provide details against the Question Set.
Level 2 Certification involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by us (an IASME Certification Body and Assessor).
You will need to have completed the IASME Cyber Assurance Level 1 certification before you can progress to the Level 2.
Level One Certification - Self Assessment
- IASME Cyber Assurance is risk-based and includes key aspects of security such as incident response, asset management, people management, physical controls and GDPR compliance.
- Level 1 Certification is the first step along the certification pathway for IASME Cyber Assurance.
- For the Level 1 certification, organisations are given access to a secure portal to complete their application and provide details against the Question Set.
- The pricing for Level 1 certification is based on the size of the organisation applying for the certification.
Level Two Certification - Audited
- Involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by us (an IASME Certification Body and Assessor).
- You will need to have completed the IASME Cyber Assurance Level 1 certification before you can progress to the Level 2 audit.
- The standard covers 13 themes across 5 areas of control
- Planning information security,
- Organisation,
- Assets,
- Legal and regulatory landscape,
- Assessing and treating risks.
Level One - Pricing Structure
| Organisation Size | No. of Employees | Cost |
|---|---|---|
| Micro Organisations | 0-9 Employees | £300 + VAT |
| Small Organisations | 10-49 Employees | £400 + VAT |
| Medium Organisations | 50-249 Employees | £450 + VAT |
| Large Organisations | 250+ Employees | £500 + VAT |
Level 2 - Standards
Identify and Classify
- Planning
- Organisation
- Assets
- Legal and regulatory landscape
- Assessing and treating risks
- Physical and environmental protection
- People
Protect
- Policy realisation
- Managing access
- Technical intrusion
- Backup and restore
Detect and Deter
- Secure business operations: Monitoring, review, change management
Detect and Deter
- Resilience: Business continuity, incident management, and disaster recovery
It is important for businesses to make sure that they are properly protected in the digital age. IASME Cyber Assurance is a set of standards used to measure the effectiveness of an organisation’s cyber security system and processes. With so much of our business conducted online, having the IASME Cyber Assurance Certification is essential if you want to be taken seriously.
Benefits of IASME Cyber Assurance Certification
Cyber Assurance Certification benefits organisations looking to protect their data and networks from cyber threats. This standard makes sure organisations stay compliant with the latest in data protection laws, make sure they are secure, and are up to date with the latest security measures.
It’s a great way for organisations to safeguard their data and systems from cyber-attacks, as well as increasing accountability and transparency when it comes to data privacy all while building trust with your customers and providing them with peace of mind when it comes to the security of their data.
- Improved cybersecurity
- Improved customer confidence
- Increased visibility of security concerns
Frequently Asked Questions
1 Can I apply to do Cyber Essentials and IASME Cyber Assurance together?
Yes, you can apply for both Cyber Essentials and IASME Cyber Assurance at the same time. However, you cannot start your IASME Cyber Assurance application until you've successfully achieved Cyber Essentials.
2 Do the fees include both Cyber Essentials and IASME Cyber Assurance?
No, both Cyber Essentials and IASME Cyber Assurance have a separate tiered pricing structure which are based on the size of your company.
3 Is IASME Cyber Assurance mapped against other standards?
Yes, the IASME Consortium Ltd have mapped IASME Cyber Assurance against several other standards here: https://iasme.co.uk/iasme-governance/mapping-to-other-standards/